Well that's expected. The full Android M code will not match the build until after a final public release, sometimes many weeks later in fact. There are lots of modules and bits withheld, not including the radio blobs and other closed hardware support stuff...﻿

moderator

In case any of you missed it, myself and several of my esteemed colleagues finished and published Android Hacker's Handbook this spring. This book is around a year and a half in the making and is well worth the cover price! We hope you find it interesting. Further, we hope the knowledge within will help advance the state of security in the Android ecosystem!

Whats the worst that can happen? How about taking photos, videos, turning on your microphone remotely without you knowing! Your phone and Glass is now vulnerable via browser and Ad Networks, so a compromised wifi hotspot could essentially gain access to your phone. Or just visit a malicious page where the javascript can access your security protected APIs.+Google Glass+Society of Glass Enthusiasts#glassexplorers+Engadget+Gizmodo+GizmodoUK ﻿

Communities

moderator

"Although WebView has been based on Chromium since Android 4.4, the Chromium layer is now updatable from Google Play.

As new versions of Chromium become available, users can update from Google Play to ensure they get the latest enhancements and bug fixes for WebView, providing the latest web APIs and bug fixes for apps using WebView on Android 5.0 and higher."

This change closes a huge gap in Android security. Kudos to everyone that pitched in to make it a reality!﻿

There are lots of process visualizers in the app store, but the trouble is you actually have to use your Android user interface to see the stats. Usually I'm interested in viewing the effects of what's going on in Android in the same time as it's doing its thing, not instead of.

moderator

After I opened my addjsif Metasploit module repository on GitHub, +Joseph Vennix took a closer look and found out +Google Glass XE12 was affected! This allows a remote compromise of the Glass browser by persuading someone to visit a URL. Pretty nasty if you ask me. The bug has been long since fixed on most Android devices, but since Glass runs Android 4.0.4 it's still vulnerable ! OOPS!

Whats the worst that can happen? How about taking photos, videos, turning on your microphone remotely without you knowing! Your phone and Glass is now vulnerable via browser and Ad Networks, so a compromised wifi hotspot could essentially gain access to your phone. Or just visit a malicious page where the javascript can access your security protected APIs.+Google Glass+Society of Glass Enthusiasts#glassexplorers+Engadget+Gizmodo+GizmodoUK ﻿

moderator

Hey all, this CVE just crossed my gaze. This is a bug I discovered in June while doing research for RECon 2013. All Android devices between version 4.0 and 4.3 (inclusive) are affected with the exception of a handful (Moto X, Note 3, Nexus 10 on JWR66Y).